Analysis of a malicious Word document

Malicious Microsoft Office documents are one of the most common infection vectors. Usually received via email, they are the first step in compromising a system. I wanted to showcase in this article how this is usually performed, and share my analysis methods with you.

Initial assessment

Context

This file was detected as an attachment to numerous received emails. It was blocked by the email gateway. Its name was factuur.doc, which means “invoice”, a well-known disguise for malware droppers....

12 min read · Pyvain